66% of security teams and IT professionals reported being targeted by ransomware during the past year
Ransomware attackers are notoriously opportunistic. Just in the past year, cyberattacks against U.S. schools have increased by 18% over 2019.
The VMware Security Business Unit has observed that with the rise of remote classes and the digital campus, ransomware attackers have new territory to target and easy payouts. After all, faculty, staff, and students are navigating new online systems, and attackers are poised to take advantage in every way. Lack of cybersecurity awareness and training, limited funding, and scarce resources (no dedicated individual for cybersecurity) make for a perfect cybersecurity storm. Plus, many legacy security tools that districts adopt are built for old requirements. This gap in functionality and scale has put student data privacy and security at risk. In today’s environment, it is critical to protect against sophisticated attacks such as ransomware that use your existing software against you for villainous purposes.
Lack of security visibility increases ransomware risks for school districts
Until school districts gain a better understanding of their overall attack surface endpoints, network access, servers, and virtual machines they will not have the ability to quickly pinpoint the initial stages of a ransomware attack or isolate any compromised hosts in time. At the same time, most school districts lack the funding and resources to fully invest in ransomware prevention or detection. Despite cybersecurity concerns being top of mind for superintendents, school board members, and parents, a school district’s primary charter is teaching and learning initiatives rather than implementing and managing cyber security technologies.
Proactive security with VMware Carbon Black
VMware Carbon Black Cloud protects K-12 districts against ransomware scenarios even for systems disconnected from the campus network. It integrates across your existing controls as well as tools within the VMware technology portfolio. First, VMware Carbon Black Cloud detects and alerts on known malicious IP addresses to prepare faculty, staff, and students for attacks underway. Second, VMware Carbon Black Cloud can block all unapproved USB mass storage devices or only enable the USB drive on certain devices (e.g., faculty and staff devices). Finally, VMware Carbon Black Cloud will identify malicious IP addresses, and if the attacker copies their tools and ransomware to the endpoint they are connected to, then VMware Carbon Black Cloud will stop destructive actions early in the kill chain.
Ransomware prevention, detection, and response without the complexity
Whether large or small, resource-strapped IT teams at school districts require security controls that can reduce the attack surface, while also being able to quickly detect a ransomware attack in progress, remediate, investigate, and recover. Unfortunately, many solutions are overly complex, difficult to implement and manage over time—or worse, they lack critical functionality.
Instead, school districts can use VMware Carbon Black’s NextGen AV to identify behavior consistent with a ransomware attack and prevent it from executing. Additionally, their Endpoint Detection and Response (EDR) capabilities enable teams to accurately discern between a false positive and a credible threat. School district teams who need additional support can extend their security staff with VMware’s Managed Detection service for alert triage and console management.